Steven Jones wrote:

Once these actions are carried out does that mean the webgui is active? is is 
there any other actions needed to make the promoted replica the new read/write 

Promoting a replica is only necessary if you installed with a selfsign CA and want to issue certs from that machine. With selfsign you really should pick one machine as the CA and stick with it otherwise you'll end up issuing different certs with duplicate serial numbers and sooner or later that will catch up with you. Promotion is documented in case that single point of failure, well, fails.

Once a replica is installed it is a full IPA server. This means the UI, XML-RPC interface, KDC, LDAP backend, the works. The only optional components are the DNS and CA (dogtag).



Freeipa-users mailing list

Reply via email to